1. Field of the Invention
In general, embodiments of the present invention relate to information security in mobile electronic devices and, in particular, to adjusting screen timeouts of mobile devices based on RF and other measurements of and/or at their locations.
2. Description of the Related Art
Computing devices have gotten more powerful, more portable, and more intuitive to use. Corporations and consumers alike have adopted high-tech devices in their businesses and personal lives. Many have come to rely heavily on their portable computing devices, such as smart phones, personal data assistants (PDAs), laptop computers, etc.
As the digital age progresses, some have come to recognize that a computing device itself is often no longer the most important asset to an individual or company, but rather that the data stored on the device is the most important asset. The information often carries a value many times the physical device. To illustrate the value of data over the physical hardware, we note that forward-looking businesses frequently use whole disk encryption and basic input/output system (BIOS)-level passwords to achieve such goals.
Portable and mobile devices, especially work- and business-related devices, often contain sensitive information. A password with a timeout is commonly used to prevent a lost or stolen smart phone or other electronic device from leaking such data. After the device is ‘idle’ for a defined timeout period, the system locks itself down. Further interaction with the device often requires password entry.
Frequent entering of passwords after a device lock-down is generally viewed by users as a nuisance, albeit a necessary one to protect information on their devices. Users generally prefer the timeout intervals to be relatively long so that they do not have to enter passwords as often.
Information Technology (IT) department policies of businesses often require that the timeout intervals be relatively short for the devices that the IT department services. This reduces the risk that an unauthorized user, such as a thief, could get access to data on a mobile device or enter the company's computers through the device.
In setting timeout periods for devices, an IT department should weigh the risks of theft and unauthorized entry with the convenience and usability of its devices. Some users have relatively little access to company data through their devices and therefore need less protection. These users may be rather numerous, so the opportunity for loss or theft may be great. Some users have relatively unimpeded access to company data through their devices and therefore need more protection. Although, these users may be few. Many IT department policies call for a standard, minimum timeout interval (e.g., 5 minutes) on certain devices; some IT departments set different intervals depending on the roles of the users.
Some have attempted to tackle the problem of password-inconvenience by making the entry of a password or other authentication as streamlined as possible. For example, devices that incorporate fingerprint readers or other biometric readers can sometimes be faster at authenticating a user than a traditional password entry. However, these systems often require extra hardware. They are not foolproof, and they sometimes have a backup password entry system in case the special hardware breaks or a person's biometric is corrupted (e.g., a cut on a finger).
There is a need in the art for more convenience involving password-protected timeouts.